Hi,
I put my SQL server behind the firewall, and I have put SQL_PORT and “Reporting Services Configuration” in the exception list.
However, on a remote machine, if I use SQL Reporting Services Configuration Manager to change the Database Connection setting, I will get an error in the “Create a Grants Rights Script” stage.
Looking at the exception, it points to an RPC problem.
System.Runtime.InteropServices.COMException (0x800706BA): The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)
at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo)
at System.Management.ManagementScope.InitializeGuts(Object o)
at System.Management.ManagementScope.Initialize()
at System.Management.ManagementObjectSearcher.Initialize()
at System.Management.ManagementObjectSearcher.Get()
at Microsoft.ReportingServices.Diagnostics.WebUtil.GetIPAddresses(String machine)
at ReportServicesConfigUI.Panels.DatabaseSetupPanel.IsLocalDbServer(String dbServer)
at ReportServicesConfigUI.Panels.DatabaseSetupPanel.SetDatabaseConnectionTask(String connectionString, String server, String database, ConfigurationCredentialsType credsType, String account, String password, Boolean upgrade, String dbVersion)
Does it mean that I have to enable ALL RPC ports in order to configure RS behind a firewall?
Thanks,
Patrick Ng
Did Anybody found a solution for this..
I'm also facing the same problem...
Thanks
|||The Configuration Manager uses WMI in some communication with the SQL Server catalog machine. You will need to ensure your firewall allows DCOM traffic between the two boxes while you are setting them up. The following article suggests protecting communication between the boxes using IPsec:
http://msdn2.microsoft.com/en-us/library/ms159272.aspx
Thanks, Donovan.
|||Just to clarify - In the firewalled scenario, typically you are trying to allow users from outside the firewall to view/access reports. To do this they need URL based access (typically port 80) on to the report server. These users do not need acess to WMI - it is only used for administrative reasons (like creating the report server database). You should not expose the WMI provider (DCOM) outside your firewall. The operation you’re trying to do is an administrative operation that should be carried out inside the safety of your network either locally on the computer or through a secure channel inside your network. Exposing DCOM to the broader network significantly increases your security exposure and should not be done unless you have really good reason for doing it and consider ahead of time the implications.
Hope that helps,
-Lukasz
|||From what I could tell DCOM runs on TCP 135. When I opened this port between my reporting server and my sql server, it still gives the same error. Are there additional ports that you're aware of, or am I wrong altogether?|||Open your firewall log and see if you can determine which port is being used but is blocked.
No comments:
Post a Comment